WO2020198216A1 - Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication - Google Patents

Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication Download PDF

Info

Publication number
WO2020198216A1
WO2020198216A1 PCT/US2020/024443 US2020024443W WO2020198216A1 WO 2020198216 A1 WO2020198216 A1 WO 2020198216A1 US 2020024443 W US2020024443 W US 2020024443W WO 2020198216 A1 WO2020198216 A1 WO 2020198216A1
Authority
WO
WIPO (PCT)
Prior art keywords
wtru
layer
plane
security
rrc
Prior art date
Application number
PCT/US2020/024443
Other languages
English (en)
French (fr)
Inventor
Michelle Perras
Samir Ferdi
Martino Freda
Saad Ahmad
Original Assignee
Idac Holdings, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Idac Holdings, Inc. filed Critical Idac Holdings, Inc.
Priority to CN202080030131.8A priority Critical patent/CN113711567A/zh
Priority to BR112021019171A priority patent/BR112021019171A2/pt
Priority to US17/441,796 priority patent/US20220174481A1/en
Priority to KR1020217030890A priority patent/KR20210154146A/ko
Priority to EP20720220.1A priority patent/EP3949325A1/en
Publication of WO2020198216A1 publication Critical patent/WO2020198216A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H04W12/0471Key exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/37Managing security policies for mobile devices or for controlling mobile applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/46Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/16Interfaces between hierarchically similar devices
    • H04W92/18Interfaces between hierarchically similar devices between terminal devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Definitions

  • Embodiments disclosed herein generally relate to wireless communications and, for example to methods, apparatus and systems for secured Radio Resource Control (RRC) signaling over a PC5 interface, for example, for unicast communication.
  • RRC Radio Resource Control
  • Method, apparatus and systems are disclosed that may be implemented in a Wireless Transmit/Receive Unit (WTRU), for example, for unicast communication with another WTRU.
  • WTRU Wireless Transmit/Receive Unit
  • One representative method includes sending, by the WTRU to the other WTRU via a PC5 interface, a communication request indicating first security information for the WTRU and receiving, by the WTRU from the other WTRU via the PC5 interface, information which is integrity protected indicating second security information for the other WTRU.
  • the representative method also includes deriving, by the WTRU from the indicated second security information, a first set of security keys for communication via a first layer using the U-plane and a second set of security keys for communication via a second layer using the C-plane; and sending, by the WTRU to the other WTRU via the PC5 interface, a message that is at least integrity protected using the derived first set of keys.
  • FIG. 1A is a system diagram illustrating an example communications system in which one or more disclosed embodiments may be implemented
  • FIG. 1 B is a system diagram illustrating an example wireless transmit/receive unit (WTRU) that may be used within the communications system illustrated in FIG. 1A according to an embodiment;
  • WTRU wireless transmit/receive unit
  • FIG. 1 C is a system diagram illustrating an example radio access network (RAN) and an example core network (CN) that may be used within the communications system illustrated in FIG. 1A according to an embodiment
  • FIG. 1 D is a system diagram illustrating a further example RAN and a further example CN that may be used within the communications system illustrated in FIG. 1A according to an embodiment
  • FIG. 2 is a diagram illustrating a representative procedure for security establishment at connection setup over PC5;
  • FIG. 3 is a diagram illustrating a representative procedure for combined security establishment provided at PC5 Signaling Layer (e.g., over the user plane (U-plane));
  • PC5 Signaling Layer e.g., over the user plane (U-plane)
  • FIG. 4 is a diagram illustrating a representative procedure for a PC5 signaling over the control plane (C-plane) with security establishment at the RRC layer;
  • FIG. 5 is a diagram illustrating a representative procedure for a combined security establishment & AS layer information transfer at the RRC layer;
  • FIG. 6 is a diagram illustrating a representative procedure for security establishment at the RRC Layer prior to the PC5 Link establishment
  • FIG. 7 is a flowchart illustrating a representative security procedure (e.g., for unicast communications by a WTRU with another WTRU);
  • FIG. 8 is a flowchart illustrating another representative security procedure (e.g., for unicast communications by a WTRU with another WTRU);
  • FIG. 9 is a flowchart illustrating a further representative security procedure (e.g., for unicast communications by a WTRU with another WTRU);
  • FIG. 10 is a flowchart illustrating an additional representative security procedure (e.g., for unicast communications by a WTRU with another WTRU);
  • FIG. 1 1 is a flowchart illustrating yet another representative security procedure (e.g., for unicast communications by a WTRU with another WTRU);
  • FIG. 12 is a flowchart illustrating a yet further representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • Certain embodiments may be implemented in autonomous and/or semi-autonomous vehicles, robotic vehicles, cars, loT gear, any device that moves, or a WTRU or other communication devices, which, in turn, may be used in a communication network.
  • the following section provides a description of some exemplary WTRUs and/or other communication devices and networks in which they may be incorporated.
  • FIG. 1A is a diagram illustrating an example communications system 100 in which one or more disclosed embodiments may be implemented.
  • the communications system 100 may be a multiple access system that provides content, such as voice, data, video, messaging, broadcast, etc., to multiple wireless users.
  • the communications system 100 may enable multiple wireless users to access such content through the sharing of system resources, including wireless bandwidth.
  • the communications systems 100 may employ one or more channel access methods, such as code division multiple access (CDMA), time division multiple access (TDMA), frequency division multiple access (FDMA), orthogonal FDMA (OFDMA), single-carrier FDMA (SC-FDMA), zero-tail unique-word DFT-Spread OFDM (ZT UW DTS-s OFDM), unique word OFDM (UW-OFDM), resource block-filtered OFDM, filter bank multicarrier (FBMC), and the like.
  • CDMA code division multiple access
  • TDMA time division multiple access
  • FDMA frequency division multiple access
  • OFDMA orthogonal FDMA
  • SC-FDMA single-carrier FDMA
  • ZT UW DTS-s OFDM zero-tail unique-word DFT-Spread OFDM
  • UW-OFDM unique word OFDM
  • FBMC filter bank multicarrier
  • the communications system 100 may include wireless transmit/receive units (WTRUs) 102a, 102b, 102c, 102d, a RAN 104/1 13, a ON 106/1 15, a public switched telephone network (PSTN) 108, the Internet 1 10, and other networks 1 12, though it will be appreciated that the disclosed embodiments contemplate any number of WTRUs, base stations, networks, and/or network elements.
  • WTRUs 102a, 102b, 102c, 102d may be any type of device configured to operate and/or communicate in a wireless environment.
  • the WTRUs 102a, 102b, 102c, 102d may be configured to transmit and/or receive wireless signals and may include a user equipment (UE), a mobile station, a fixed or mobile subscriber unit, a subscription-based unit, a pager, a cellulartelephone, a personal digital assistant (PDA), a smartphone, a laptop, a netbook, a personal computer, a wireless sensor, a hotspot or Mi-Fi device, an Internet of Things (loT) device, a watch or other wearable, a head-mounted display (HMD), a vehicle, a drone, a medical device and applications (e.g., remote surgery), an industrial device and applications (e.g., a robot and/or other wireless devices operating in an industrial and/or an automated processing chain contexts), a consumer electronics device, a device operating on commercial and/or industrial wireless networks, and the like.
  • UE user equipment
  • PDA personal digital assistant
  • smartphone a laptop
  • a netbook a personal
  • the communications systems 100 may also include a base station 1 14a and/or a base station 1 14b.
  • Each of the base stations 1 14a, 1 14b may be any type of device configured to wirelessly interface with at least one of the WTRUs 102a, 102b, 102c, 102d to facilitate access to one or more communication networks, such as the CN 106/1 15, the Internet 1 10, and/or the other networks 1 12.
  • the base stations 1 14a, 1 14b may be a base transceiver station (BTS), a Node-B, an eNode B (end), a Home Node B (HNB), a Home eNode B (HeNB), a gNB, a NR Node B, a site controller, an access point (AP), a wireless router, and the like. While the base stations 1 14a, 1 14b are each depicted as a single element, it will be appreciated that the base stations 1 14a, 1 14b may include any number of interconnected base stations and/or network elements.
  • the base station 1 14a may be part of the RAN 104/1 13, which may also include other base stations and/or network elements (not shown), such as a base station controller (BSC), a radio network controller (RNC), relay nodes, etc.
  • the base station 1 14a and/or the base station 1 14b may be configured to transmit and/or receive wireless signals on one or more carrier frequencies, which may be referred to as a cell (not shown). These frequencies may be in licensed spectrum, unlicensed spectrum, or a combination of licensed and unlicensed spectrum.
  • a cell may provide coverage for a wireless service to a specific geographical area that may be relatively fixed or that may change over time. The cell may further be divided into cell sectors.
  • the cell associated with the base station 1 14a may be divided into three sectors.
  • the base station 1 14a may include three transceivers, i.e., one for each sector of the cell.
  • the base station 1 14a may employ multiple4nput multiple output (MIMO) technology and may utilize multiple transceivers for each sector of the cell.
  • MIMO multiple4nput multiple output
  • beamforming may be used to transmit and/or receive signals in desired spatial directions.
  • the base stations 1 14a, 1 14b may communicate with one or more of the WTRUs 102a, 102b, 102c, 102d over an air interface 1 16, which may be any suitable wireless communication link (e.g., radio frequency (RF), microwave, centimeter wave, micrometer wave, infrared (IR), ultraviolet (UV), visible light, etc.).
  • the air interface 1 16 may be established using any suitable radio access technology (RAT).
  • RAT radio access technology
  • the communications system 100 may be a multiple access system and may employ one or more channel access schemes, such as CDMA, TDMA, FDMA, OFDMA, SC-FDMA, and the like.
  • the base station 1 14a in the RAN 104/1 13 and the WTRUs 102a, 102b, 102c may implement a radio technology such as Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access (UTRA), which may establish the air interface 1 16 using wideband CDMA (WCDMA).
  • WCDMA may include communication protocols such as High-Speed Packet Access (HSPA) and/or Evolved HSPA (HSPA+).
  • HSPA may include High-Speed Downlink (DL) Packet Access (HSDPA) and/or High-Speed UL Packet Access (HSU PA).
  • the base station 1 14a and the WTRUs 102a, 102b, 102c may implement a radio technology such as Evolved UMTS Terrestrial Radio Access (E-UTRA), which may establish the air interface 1 16 using Long Term Evolution (LTE) and/or LTE-Advanced (LTE- A) and/or LTE-Advanced Pro (LTE-A Pro).
  • E-UTRA Evolved UMTS Terrestrial Radio Access
  • LTE Long Term Evolution
  • LTE- A LTE-Advanced
  • LTE-A Pro LTE-Advanced Pro
  • the base station 1 14a and the WTRUs 102a, 102b, 102c may implement a radio technology such as NR Radio Access, which may establish the air interface 1 16 using New Radio (NR).
  • a radio technology such as NR Radio Access, which may establish the air interface 1 16 using New Radio (NR).
  • the base station 1 14a and the WTRUs 102a, 102b, 102c may implement multiple radio access technologies.
  • the base station 1 14a and the WTRUs 102a, 102b, 102c may implement LTE radio access and NR radio access together, for instance using dual connectivity (DC) principles.
  • DC dual connectivity
  • the air interface utilized by WTRUs 102a, 102b, 102c may be characterized by multiple types of radio access technologies and/or transmissions sent to/from multiple types of base stations (e.g., an end and a gNB).
  • the base station 1 14a and the WTRUs 102a, 102b, 102c may implement radio technologies such as IEEE 802.11 (i.e., Wireless Fidelity (WiFi), IEEE 802.16 (i.e., Worldwide Interoperability for Microwave Access (WiMAX)), CDMA2000, CDMA2000 1X, CDMA2000 EV-DO, Interim Standard 2000 (IS-2000), Interim Standard 95 (IS-95), Interim Standard 856 (IS-856), Global System for Mobile communications (GSM), Enhanced Data rates for GSM Evolution (EDGE), GSM EDGE (GERAN), and the like.
  • IEEE 802.11 i.e., Wireless Fidelity (WiFi)
  • IEEE 802.16 i.e., Worldwide Interoperability for Microwave Access (WiMAX)
  • CDMA2000, CDMA2000 1X, CDMA2000 EV-DO Code Division Multiple Access 2000
  • IS-95 Interim Standard 95
  • IS-856 Interim Standard 856
  • GSM Global System for
  • the base station 1 14b in FIG. 1A may be a wireless router, Home Node B, Home eNode B, or access point, for example, and may utilize any suitable RAT for facilitating wireless connectivity in a localized area, such as a place of business, a home, a vehicle, a campus, an industrial facility, an air corridor (e.g., for use by drones), a roadway, and the like.
  • the base station 1 14b and the WTRUs 102c, 102d may implement a radio technology such as IEEE 802.1 1 to establish a wireless local area network (WLAN).
  • WLAN wireless local area network
  • the base station 1 14b and the WTRUs 102c, 102d may implement a radio technology such as IEEE 802.15 to establish a wireless personal area network (WPAN).
  • the base station 1 14b and the WTRUs 102c, 102d may utilize a cellular-based RAT (e.g., WCDMA, CDMA2000, GSM, LTE, LTE-A, LTE-A Pro, NR etc.) to establish a picocell or femtocell.
  • the base station 1 14b may have a direct connection to the Internet 1 10.
  • the base station 1 14b may not be required to access the Internet 1 10 via the CN 106/1 15.
  • the RAN 104/1 13 may be in communication with the CN 106/1 15, which may be any type of network configured to provide voice, data, applications, and/or voice over internet protocol (VoIP) services to one or more of the WTRUs 102a, 102b, 102c, 102d.
  • the data may have varying quality of service (QoS) requirements, such as differing throughput requirements, latency requirements, error tolerance requirements, reliability requirements, data throughput requirements, mobility requirements, and the like.
  • QoS quality of service
  • the CN 106/1 15 may provide call control, billing services, mobile location-based services, pre-paid calling, Internet connectivity, video distribution, etc., and/or perform high-level security functions, such as user authentication.
  • the RAN 104/1 13 and/or the CN 106/1 15 may be in direct or indirect communication with other RANs that employ the same RAT as the RAN 104/1 13 or a different RAT.
  • the CN 106/1 15 may also be in communication with another RAN (not shown) employing a GSM, UMTS, CDMA 2000, WiMAX, E-UTRA, or WiFi radio technology.
  • the CN 106/1 15 may also serve as a gateway for the WTRUs 102a, 102b, 102c, 102d to access the PSTN 108, the Internet 1 10, and/or the other networks 1 12.
  • the PSTN 108 may include circuit-switched telephone networks that provide plain old telephone service (POTS).
  • POTS plain old telephone service
  • the Internet 110 may include a global system of interconnected computer networks and devices that use common communication protocols, such as the transmission control protocol (TCP), user datagram protocol (UDP) and/or the internet protocol (IP) in the TCP/IP internet protocol suite.
  • the networks 1 12 may include wired and/or wireless communications networks owned and/or operated by other service providers.
  • the networks 1 12 may include another CN connected to one or more RANs, which may employ the same RAT as the RAN 104/1 13 or a different RAT.
  • Some or all of the WTRUs 102a, 102b, 102c, 102d in the communications system 100 may include multi-mode capabilities (e.g., the WTRUs 102a, 102b, 102c, 102d may include multiple transceivers for communicating with different wireless networks over different wireless links).
  • the WTRU 102c shown in FIG. 1A may be configured to communicate with the base station 1 14a, which may employ a cellular-based radio technology, and with the base station 1 14b, which may employ an IEEE 802 radio technology.
  • FIG. 1 B is a system diagram illustrating an example WTRU 102.
  • the WTRU 102 may include a processor 1 18, a transceiver 120, a transmit/receive element 122, a speaker/microphone 124, a keypad 126, a display/touchpad 128, non-removable memory 130, removable memory 132, a power source 134, a global positioning system (GPS) chipset 136, and/or other peripherals 138, among others.
  • GPS global positioning system
  • the processor 1 18 may be a general purpose processor, a special purpose processor, a conventional processor, a digital signal processor (DSP), a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) circuits, any other type of integrated circuit (IC), a state machine, and the like.
  • the processor 1 18 may perform signal coding, data processing, power control, input/output processing, and/or any other functionality that enables the WTRU 102 to operate in a wireless environment.
  • the processor 1 18 may be coupled to the transceiver 120, which may be coupled to the transmit/receive element 122. While FIG. 1 B depicts the processor 1 18 and the transceiver 120 as separate components, it will be appreciated that the processor 1 18 and the transceiver 120 may be integrated together in an electronic package or chip.
  • the transmit/receive element 122 may be configured to transmit signals to, or receive signals from, a base station (e.g., the base station 1 14a) over the air interface 1 16.
  • a base station e.g., the base station 1 14a
  • the transmit/receive element 122 may be an antenna configured to transmit and/or receive RF signals.
  • the transmit/receive element 122 may be an emitter/detector configured to transmit and/or receive IR, UV, or visible light signals, for example.
  • the transmit/receive element 122 may be configured to transmit and/or receive both RF and light signals. It will be appreciated that the transmit/receive element 122 may be configured to transmit and/or receive any combination of wireless signals.
  • the WTRU 102 may include any number of transmit/receive elements 122. More specifically, the WTRU 102 may employ MIMO technology. Thus, in one embodiment, the WTRU 102 may include two or more transmit/receive elements 122 (e.g., multiple antennas) for transmitting and receiving wireless signals over the air interface 1 16.
  • the transceiver 120 may be configured to modulate the signals that are to be transmitted by the transmit/receive element 122 and to demodulate the signals that are received by the transmit/receive element 122.
  • the WTRU 102 may have multi-mode capabilities.
  • the transceiver 120 may include multiple transceivers for enabling the WTRU 102 to communicate via multiple RATs, such as NR and IEEE 802.1 1 , for example.
  • the processor 1 18 of the WTRU 102 may be coupled to, and may receive user input data from, the speaker/microphone 124, the keypad 126, and/or the display/touchpad 128 (e.g., a liquid crystal display (LCD) display unit or organic light-emitting diode (OLED) display unit).
  • the processor 1 18 may also output user data to the speaker/microphone 124, the keypad 126, and/or the display/touchpad 128.
  • the processor 1 18 may access information from, and store data in, any type of suitable memory, such as the non-removable memory 130 and/or the removable memory 132.
  • the non-removable memory 130 may include random-access memory (RAM), read-only memory (ROM), a hard disk, or any other type of memory storage device.
  • the removable memory 132 may include a subscriber identity module (SIM) card, a memory stick, a secure digital (SD) memory card, and the like.
  • SIM subscriber identity module
  • SD secure digital
  • the processor 1 18 may access information from, and store data in, memory that is not physically located on the WTRU 102, such as on a server or a home computer (not shown).
  • the processor 1 18 may receive power from the power source 134, and may be configured to distribute and/or control the power to the other components in the WTRU 102.
  • the power source 134 may be any suitable device for powering the WTRU 102.
  • the power source 134 may include one or more dry cell batteries (e.g., nickel-cadmium (NiCd), nickel-zinc (NiZn), nickel metal hydride (NiMH), lithium-ion (Li-ion), etc.), solar cells, fuel cells, and the like.
  • the processor 1 18 may also be coupled to the GPS chipset 136, which may be configured to provide location information (e.g., longitude and latitude) regarding the current location of the WTRU 102.
  • location information e.g., longitude and latitude
  • the WTRU 102 may receive location information over the air interface 1 16 from a base station (e.g., base stations 1 14a, 1 14b) and/or determine its location based on the timing of the signals being received from two or more nearby base stations. It will be appreciated that the WTRU 102 may acquire location information by way of any suitable location-determination method while remaining consistent with an embodiment.
  • the processor 1 18 may further be coupled to other peripherals 138, which may include one or more software and/or hardware modules that provide additional features, functionality and/or wired or wireless connectivity.
  • the peripherals 138 may include an accelerometer, an e-compass, a satellite transceiver, a digital camera (for photographs and/or video), a universal serial bus (USB) port, a vibration device, a television transceiver, a hands free headset, a Bluetooth® module, a frequency modulated (FM) radio unit, a digital music player, a media player, a video game player module, an Internet browser, a Virtual Reality and/or Augmented Reality (VR/AR) device, an activity tracker, and the like.
  • FM frequency modulated
  • the peripherals 138 may include one or more sensors, the sensors may be one or more of a gyroscope, an accelerometer, a hall effect sensor, a magnetometer, an orientation sensor, a proximity sensor, a temperature sensor, a time sensor; a geolocation sensor; an altimeter, a light sensor, a touch sensor, a magnetometer, a barometer, a gesture sensor, a biometric sensor, and/or a humidity sensor.
  • a gyroscope an accelerometer, a hall effect sensor, a magnetometer, an orientation sensor, a proximity sensor, a temperature sensor, a time sensor; a geolocation sensor; an altimeter, a light sensor, a touch sensor, a magnetometer, a barometer, a gesture sensor, a biometric sensor, and/or a humidity sensor.
  • the processor 1 18 of the WTRU 102 may operatively communicate with various peripherals 138 including, for example, any of: the one or more accelerometers, the one or more gyroscopes, the USB port, other communication interfaces/ports, the display and/or other visual/audio indicators to implement representative embodiments disclosed herein.
  • the WTRU 102 may include a full duplex radio for which transmission and reception of some or all of the signals (e.g., associated with particular subframes for both the UL (e.g., for transmission) and downlink (e.g., for reception) may be concurrent and/or simultaneous.
  • the full duplex radio may include an interference management unit to reduce and or substantially eliminate self-interference via either hardware (e.g., a choke) or signal processing via a processor (e.g., a separate processor (not shown) or via processor 1 18).
  • the WTRU 102 may include a half-duplex radio for which transmission and reception of some or all of the signals (e.g., associated with particular subframes for either the UL (e.g., for transmission) or the downlink (e.g., for reception)).
  • a half-duplex radio for which transmission and reception of some or all of the signals (e.g., associated with particular subframes for either the UL (e.g., for transmission) or the downlink (e.g., for reception)).
  • FIG. 1 C is a system diagram illustrating the RAN 104 and the CN 106 according to an embodiment.
  • the RAN 104 may employ an E-UTRA radio technology to communicate with the WTRUs 102a, 102b, 102c over the air interface 1 16.
  • the RAN 104 may also be in communication with the CN 106.
  • the RAN 104 may include eNode Bs 160a, 160b, 160c, though it will be appreciated that the RAN 104 may include any number of eNode Bs while remaining consistent with an embodiment.
  • the eNode Bs 160a, 160b, 160c may each include one or more transceivers for communicating with the WTRUs 102a, 102b, 102c over the air interface 1 16.
  • the eNode Bs 160a, 160b, 160c may implement MIMO technology.
  • the eNode B 160a for example, may use multiple antennas to transmit wireless signals to, and/or receive wireless signals from, the WTRU 102a.
  • Each of the eNode Bs 160a, 160b, 160c may be associated with a particular cell (not shown) and may be configured to handle radio resource management decisions, handover decisions, scheduling of users in the UL and/or DL, and the like. As shown in FIG. 1 C, the eNode Bs 160a, 160b, 160c may communicate with one another over an X2 interface.
  • the CN 106 shown in FIG. 1 C may include a mobility management entity (MME) 162, a serving gateway (SGW) 164, and a packet data network (PDN) gateway (or PGW) 166. While each of the foregoing elements are depicted as part of the CN 106, it will be appreciated that any of these elements may be owned and/or operated by an entity other than the CN operator.
  • MME mobility management entity
  • SGW serving gateway
  • PGW packet data network gateway
  • the MME 162 may be connected to each of the eNode Bs 160a, 160b, 160c in the RAN 104 via an S1 interface and may serve as a control node.
  • the MME 162 may be responsible for authenticating users of the WTRUs 102a, 102b, 102c, bearer activation/deactivation, selecting a particular serving gateway during an initial attach of the WTRUs 102a, 102b, 102c, and the like.
  • the MME 162 may provide a control plane function for switching between the RAN 104 and other RANs (not shown) that employ other radio technologies, such as GSM and/or WCDMA.
  • the SGW 164 may be connected to each of the eNode Bs 160a, 160b, 160c in the RAN 104 via the S1 interface.
  • the SGW 164 may generally route and forward user data packets to/from the WTRUs 102a, 102b, 102c.
  • the SGW 164 may perform other functions, such as anchoring user planes during inter-eNode B handovers, triggering paging when DL data is available for the WTRUs 102a, 102b, 102c, managing and storing contexts of the WTRUs 102a, 102b, 102c, and the like.
  • the SGW 164 may be connected to the PGW 166, which may provide the WTRUs 102a, 102b, 102c with access to packet-switched networks, such as the Internet 1 10, to facilitate communications between the WTRUs 102a, 102b, 102c and IP-enabled devices.
  • packet-switched networks such as the Internet 1 10
  • the CN 106 may facilitate communications with other networks.
  • the CN 106 may provide the WTRUs 102a, 102b, 102c with access to circuit-switched networks, such as the PSTN 108, to facilitate communications between the WTRUs 102a, 102b, 102c and traditional land-line communications devices.
  • the CN 106 may include, or may communicate with, an IP gateway (e.g., an IP multimedia subsystem (IMS) server) that serves as an interface between the CN 106 and the PSTN 108.
  • IMS IP multimedia subsystem
  • the CN 106 may provide the WTRUs 102a, 102b, 102c with access to the other networks 1 12, which may include other wired and/or wireless networks that are owned and/or operated by other service providers.
  • the WTRU is described in FIGS. 1 A-1 D as a wireless terminal, it is contemplated that in certain representative embodiments that such a terminal may use (e.g., temporarily or permanently) wired communication interfaces with the communication network.
  • the other network 1 12 may be a WLAN.
  • a WLAN in Infrastructure Basic Service Set (BSS) mode may have an Access Point (AP) for the BSS and one or more stations (ST As) associated with the AP.
  • the AP may have an access or an interface to a Distribution System (DS) or another type of wired/wireless network that carries traffic in to and/or out of the BSS.
  • Traffic to STAs that originates from outside the BSS may arrive through the AP and may be delivered to the STAs.
  • Traffic originating from STAs to destinations outside the BSS may be sent to the AP to be delivered to respective destinations.
  • Traffic between STAs within the BSS may be sent through the AP, for example, where the source STA may send traffic to the AP and the AP may deliver the traffic to the destination STA.
  • the traffic between STAs within a BSS may be considered and/or referred to as peer-to-peer traffic.
  • the peer-to-peer traffic may be sent between (e.g., directly between) the source and destination STAs with a direct link setup (DLS).
  • the DLS may use an 802.1 1 e DLS or an 802.1 1z tunneled DLS (TDLS).
  • a WLAN using an Independent BSS (IBSS) mode may not have an AP, and the STAs (e.g., all of the STAs) within or using the IBSS may communicate directly with each other.
  • the IBSS mode of communication may sometimes be referred to herein as an “ad-hoc” mode of communication.
  • the AP may transmit a beacon on a fixed channel, such as a primary channel.
  • the primary channel may be a fixed width (e.g., 20 MHz wide bandwidth) or a dynamically set width via signaling.
  • the primary channel may be the operating channel of the BSS and may be used by the STAs to establish a connection with the AP.
  • Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) may be implemented, for example in in 802.1 1 systems.
  • the STAs e.g., every ST A), including the AP, may sense the primary channel. If the primary channel is sensed/detected and/or determined to be busy by a particular STA, the particular STA may back off.
  • One STA (e.g., only one station) may transmit at any given time in a given BSS.
  • High Throughput (HT) STAs may use a 40 MHz wide channel for communication, for example, via a combination of the primary 20 MHz channel with an adjacent or nonadjacent 20 MHz channel to form a 40 MHz wide channel.
  • VHT STAs may support 20MHz, 40 MHz, 80 MHz, and/or 160 MHz wide channels.
  • the 40 MHz, and/or 80 MHz, channels may be formed by combining contiguous 20 MHz channels.
  • a 160 MHz channel may be formed by combining 8 contiguous 20 MHz channels, or by combining two non-contiguous 80 MHz channels, which may be referred to as an 80+80 configuration.
  • the data, after channel encoding may be passed through a segment parser that may divide the data into two streams.
  • Inverse Fast Fourier Transform (IFFT) processing, and time domain processing may be done on each stream separately.
  • IFFT Inverse Fast Fourier Transform
  • the streams may be mapped on to the two 80 MHz channels, and the data may be transmitted by a transmitting STA.
  • the above described operation for the 80+80 configuration may be reversed, and the combined data may be sent to the Medium Access Control (MAC).
  • MAC Medium Access Control
  • Sub 1 GHz modes of operation are supported by 802.1 1 af and 802.1 1 ah.
  • the channel operating bandwidths, and carriers, are reduced in 802.1 1 af and 802.1 1 ah relative to those used in 802.1 1 n, and 802.1 1 ac.
  • 802.1 1af supports 5 MHz, 10 MHz and 20 MHz bandwidths in the TV White Space (TVWS) spectrum
  • 802.1 1 ah supports 1 MHz, 2 MHz, 4 MHz, 8 MHz, and 16 MHz bandwidths using non-TVWS spectrum.
  • 802.1 1 ah may support Meter Type Control/Machine-Type Communications, such as MTC devices in a macro coverage area.
  • MTC devices may have certain capabilities, for example, limited capabilities including support for (e.g., only support for) certain and/or limited bandwidths.
  • the MTC devices may include a battery with a battery life above a threshold (e.g., to maintain a very long battery life).
  • WLAN systems which may support multiple channels, and channel bandwidths, such as 802.1 1 n, 802.1 1 ac, 802.1 1 af , and 802.1 1 ah, include a channel which may be designated as the primary channel.
  • the primary channel may have a bandwidth equal to the largest common operating bandwidth supported by all STAs in the BSS.
  • the bandwidth of the primary channel may be set and/or limited by a STA, from among all STAs in operating in a BSS, which supports the smallest bandwidth operating mode.
  • the primary channel may be 1 MHz wide for STAs (e.g., MTC type devices) that support (e.g., only support) a 1 MHz mode, even if the AP, and other STAs in the BSS support 2 MHz, 4 MHz, 8 MHz, 16 MHz, and/or other channel bandwidth operating modes.
  • Carrier sensing and/or Network Allocation Vector (NAV) settings may depend on the status of the primary channel. If the primary channel is busy, for example, due to a STA (which supports only a 1 MHz operating mode), transmitting to the AP, the entire available frequency bands may be considered busy even though a majority of the frequency bands remains idle and may be available.
  • STAs e.g., MTC type devices
  • NAV Network Allocation Vector
  • the available frequency bands which may be used by 802.1 1 ah, are from 902 MHz to 928 MHz. In Korea, the available frequency bands are from 917.5 MHz to 923.5 MHz. In Japan, the available frequency bands are from 916.5 MHz to 927.5 MHz. The total bandwidth available for 802.1 1 ah is 6 MHz to 26 MHz depending on the country code.
  • FIG. 1 D is a system diagram illustrating the RAN 1 13 and the CN 1 15 according to an embodiment.
  • the RAN 1 13 may employ an NR radio technology to communicate with the WTRUs 102a, 102b, 102c over the air interface 1 16.
  • the RAN 1 13 may also be in communication with the CN 1 15.
  • the RAN 1 13 may include gNBs 180a, 180b, 180c, though it will be appreciated that the RAN 1 13 may include any number of gNBs while remaining consistent with an embodiment.
  • the gNBs 180a, 180b, 180c may each include one or more transceivers for communicating with the WTRUs 102a, 102b, 102c over the air interface 1 16.
  • the gNBs 180a, 180b, 180c may implement MIMO technology.
  • gNBs 180a, 180b may utilize beamforming to transmit signals to and/or receive signals from the gNBs 180a, 180b, 180c.
  • the gNB 180a may use multiple antennas to transmit wireless signals to, and/or receive wireless signals from, the WTRU 102a.
  • the gNBs 180a, 180b, 180c may implement carrier aggregation technology.
  • the gNB 180a may transmit multiple component carriers to the WTRU 102a (not shown). A subset of these component carriers may be on unlicensed spectrum while the remaining component carriers may be on licensed spectrum.
  • the gNBs 180a, 180b, 180c may implement Coordinated Multi-Point (CoMP) technology.
  • WTRU 102a may receive coordinated transmissions from gNB 180a and gNB 180b (and/or gNB 180c).
  • CoMP Coordinated Multi-Point
  • the WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using transmissions associated with a scalable numerology. For example, the OFDM symbol spacing and/or OFDM subcarrier spacing may vary for different transmissions, different cells, and/or different portions of the wireless transmission spectrum.
  • the WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using subframe or transmission time intervals (TTIs) of various or scalable lengths (e.g., containing varying number of OFDM symbols and/or lasting varying lengths of absolute time).
  • TTIs subframe or transmission time intervals
  • the gNBs 180a, 180b, 180c may be configured to communicate with the WTRUs 102a, 102b, 102c in a standalone configuration and/or a non-standalone configuration.
  • WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c without also accessing other RANs (e.g., such as eNode Bs 160a, 160b, 160c).
  • WTRUs 102a, 102b, 102c may utilize one or more of gNBs 180a, 180b, 180c as a mobility anchor point.
  • WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using signals in an unlicensed band.
  • WTRUs 102a, 102b, 102c may communicate with/connect to gNBs 180a, 180b, 180c while also communicating with/connecting to another RAN such as eNode Bs 160a, 160b, 160c.
  • WTRUs 102a, 102b, 102c may implement DC principles to communicate with one or more gNBs 180a, 180b, 180c and one or more eNode Bs 160a, 160b, 160c substantially simultaneously.
  • eNode Bs 160a, 160b, 160c may serve as a mobility anchor for WTRUs 102a, 102b, 102c and gNBs 180a, 180b, 180c may provide additional coverage and/or throughput for servicing WTRUs 102a, 102b, 102c.
  • Each of the gNBs 180a, 180b, 180c may be associated with a particular cell (not shown) and may be configured to handle radio resource management decisions, handover decisions, scheduling of users in the UL and/or DL, support of network slicing, dual connectivity, interworking between NR and E-UTRA, routing of user plane data towards User Plane Function (UPF) 184a, 184b, routing of control plane information towards Access and Mobility Management Function (AMF) 182a, 182b and the like. As shown in FIG. 1 D, the gNBs 180a, 180b, 180c may communicate with one another over an Xn interface.
  • UPF User Plane Function
  • AMF Access and Mobility Management Function
  • the CN 1 15 shown in FIG. 1 D may include at least one AMF 182a, 182b, at least one UPF 184a, 184b, at least one Session Management Function (SMF) 183a, 183b, and possibly a Data Network (DN) 185a, 185b. While each of the foregoing elements are depicted as part of the CN 115, it will be appreciated that any of these elements may be owned and/or operated by an entity other than the CN operator.
  • SMF Session Management Function
  • the AMF 182a, 182b may be connected to one or more of the gNBs 180a, 180b, 180c in the RAN 1 13 via an N2 interface and may serve as a control node.
  • the AMF 182a, 182b may be responsible for authenticating users of the WTRUs 102a, 102b, 102c, support for network slicing (e.g., handling of different Protocol Data Unit (PDU) sessions with different requirements), selecting a particular SMF 183a, 183b, management of the registration area, termination of Non-Access Stratum (NAS) signaling, mobility management, and the like.
  • PDU Protocol Data Unit
  • NAS Non-Access Stratum
  • Network slicing may be used by the AMF 182a, 182b in order to customize CN support for WTRUs 102a, 102b, 102c based on the types of services being utilized WTRUs 102a, 102b, 102c.
  • different network slices may be established for different use cases such as services relying on ultra-reliable low latency communication (URLLC) access, services relying on enhanced mobile (e.g., massive mobile) broadband (eMBB) access, services for machine type communication (MTC) access, and/or the like.
  • URLLC ultra-reliable low latency communication
  • eMBB enhanced mobile broadband
  • MTC machine type communication
  • the AMF 162 may provide a control plane function for switching between the RAN 1 13 and other RANs (not shown) that employ other radio technologies, such as LTE, LTE-A, LTE-A Pro, and/or non-3GPP access technologies such as WiFi.
  • radio technologies such as LTE, LTE-A, LTE-A Pro, and/or non-3GPP access technologies such as WiFi.
  • the SMF 183a, 183b may be connected to an AMF 182a, 182b in the CN 1 15 via an N1 1 interface.
  • the SMF 183a, 183b may also be connected to a UPF 184a, 184b in the CN 1 15 via an N4 interface.
  • the SMF 183a, 183b may select and control the UPF 184a, 184b and configure the routing of traffic through the UPF 184a, 184b.
  • the SMF 183a, 183b may perform other functions, such as managing and allocating WTRU 102 IP address, managing PDU sessions, controlling policy enforcement and QoS, providing downlink data notifications, and the like.
  • a PDU session type may be IP-based, non-IP based, Ethernet-based, and the like.
  • the UPF 184a, 184b may be connected to one or more of the gNBs 180a, 180b, 180c in the RAN 1 13 via an N3 interface, which may provide the WTRUs 102a, 102b, 102c with access to packet-switched networks, such as the Internet 110, to facilitate communications between the WTRUs 102a, 102b, 102c and IP-enabled devices.
  • the UPF 184, 184b may perform other functions, such as routing and forwarding packets, enforcing user plane policies, supporting multihomed PDU sessions, handling user plane QoS, buffering downlink packets, providing mobility anchoring, and the like.
  • the CN 1 15 may facilitate communications with other networks.
  • the CN 1 15 may include, or may communicate with, an IP gateway (e.g., an IP multimedia subsystem (IMS) server) that serves as an interface between the CN 1 15 and the PSTN 108.
  • the CN 115 may provide the WTRUs 102a, 102b, 102c with access to the other networks 1 12, which may include other wired and/or wireless networks that are owned and/or operated by other service providers.
  • IMS IP multimedia subsystem
  • the WTRUs 102a, 102b, 102c may be connected to a local Data Network (DN) 185a, 185b through the UPF 184a, 184b via the N3 interface to the UPF 184a, 184b and an N6 interface between the UPF 184a, 184b and the DN 185a, 185b.
  • DN local Data Network
  • one or more, or all, of the functions described herein with regard to one or more of: WTRU 102a-d, Base Station 1 14a-b, eNode B 160a-c, MME 162, SGW 164, PGW 166, gNB 180a-c, AMF 182a-b, UPF 184a-b, SMF 183a-b, DN 185a-b, and/or any other device(s) described herein, may be performed by one or more emulation devices (not shown).
  • the emulation devices may be one or more devices configured to emulate one or more, or all, of the functions described herein.
  • the emulation devices may be used to test other devices and/or to simulate network and/or WTRU functions.
  • the emulation devices may be designed to implement one or more tests of other devices in a lab environment and/or in an operator network environment.
  • the one or more emulation devices may perform the one or more, or all, functions while being fully or partially implemented and/or deployed as part of a wired and/or wireless communication network in order to test other devices within the communication network.
  • the one or more emulation devices may perform the one or more, or all, functions while being temporarily implemented/deployed as part of a wired and/or wireless communication network.
  • the emulation device may be directly coupled to another device for purposes of testing and/or may performing testing using over-the-air wireless communications.
  • the one or more emulation devices may perform the one or more, including all, functions while not being implemented/deployed as part of a wired and/or wireless communication network.
  • the emulation devices may be utilized in a testing scenario in a testing laboratory and/or a non-deployed (e.g., testing) wired and/or wireless communication network in order to implement testing of one or more components.
  • the one or more emulation devices may be test equipment. Direct RF coupling and/or wireless communications via RF circuitry (e.g., which may include one or more antennas) may be used by the emulation devices to transmit and/or receive data.
  • RF circuitry e.g., which may include one or more antennas
  • a WTRU 102 may establish security at an RRC level during unicast communication establishment over a PC5 interface by combining Direct Security Mode (DSM) operations from V2X/PC5 signaling and RRC layers together (e.g., over a U-plane).
  • DSM Direct Security Mode
  • a WTRU 102 may establish security at an RRC level during unicast communication establishment over a PC5 interface by combining DSM operations from V2X/PC5 signaling and RRC layers together over the C-plane.
  • the PC5 signaling and the security establishment may be handled over the C-plane.
  • the DSM operations may be handled at the RRC layer.
  • the WTRU 102 may establish security at an RRC level during unicast communication establishment over the PC5 interface using the C-plane.
  • a combination of the security establishment and the transfer of AS layer information may be implemented during security establishment procedure over the C-plane by the RRC layer.
  • the V2X/PC5 signaling layer may trigger the establishment of the security protection at the RRC layer prior to the unicast communication establishment over the PC5 interface using the C-plane.
  • the initial RRC message sent prior to security establishment may be protected using a provisioned certificate.
  • PC5 is the reference point (or interface) between the WTRUs 102 used by V2X Services for ProSe Direct Communication over the U-plane.
  • FIG. 2 is a diagram illustrating a representative procedure for security establishment at connection setup (e.g., the establishment of a secure one-to-one ProSe Direct communication).
  • the representative procedure 200 may include, at 210, a first WTRU 102a sending a Direct Communication Request (DCR) to a second WTRU 102b.
  • the DCR may include any of: (1) a Long Term ID; (2) one or more parameters related to long term negotiation;
  • a root key ID e.g., K D ID
  • a nonce e.g., Nonce_1
  • MSB most significant byte
  • K D-S ess ID K D-S ess ID
  • direct authentication and key establishment may be initiated between the first WTRU 102a and the second WTRU 102b.
  • a Direct Security Mode (DSM) Command message and/or a DSM Complete message may be exchanged.
  • the second WTRU 102b may send a DSM Command message to the first WTRU 102a.
  • DSM Direct Security Mode
  • the DSM Command message may include any of: (1) the one or more security capabilities of the first WTRU 102a; (2) a nonce 2; (3) a least significant byte (LSB) of the intermediate key ID (e.g., K D-S ess ID);
  • LSB least significant byte
  • the DSM Command message may be integrity protected at the bearer layer with a new security context.
  • the second WTRU 102b may be ready to receive signaling and/or user plane traffic with the new security context.
  • the first WTRU 102a may be ready to send and receive user plane and/or signaling data with the new security context.
  • the first WTRU 102a may send a DSM Complete message to the second WTRU 102b.
  • the DSM Complete message may include the LSB of the root key ID.
  • the DSM Complete message may be integrity and/or confidentiality protected at the bearer layer with the new security context.
  • the second WTRU 102b may send signaling and user plane traffic with the new security context and may delete any old security contexts.
  • Security establishment may take place during a unicast link setup procedure using or over the U-plane interface, (e.g., there is no C-plane involved on the unicast communication).
  • Information may be exchanged between the WTRUs 102, over the PC5 interface, enabling WTRUs 102 to derive keys for integrity protection and/or encryption, for example prior to the link establishment (e.g., link establishment completion).
  • the exchange may be referred to as the DSM exchange or DSM message exchange.
  • the security protection may be applied by a Packet Data Convergence Protocol (PDCP) layer and may provide for and/or cover signaling and/or U-plane data (e.g., ProSe signaling and/or V2X application data) sent over the link.
  • PDCP Packet Data Convergence Protocol
  • a number of layers of keys may be used in various communications.
  • four different layers of keys may be used in a ProSe direct one-to-one communication including: (1) K D that may be a N-bit (e.g., 256 bit) root key that may be shared between the two entities communicating using ProSe Direct one-to-one communication; (2) K D ID that may be used to identify K D ; (3) K D.Sess that may be an N-bit (e.g., 256 bit) key which may be the root of the actual security context that is being used to protect the transfer of data between the WTRUs 102.
  • K D that may be a N-bit (e.g., 256 bit) root key that may be shared between the two entities communicating using ProSe Direct one-to-one communication
  • K D ID that may be used to identify K D
  • K D.Sess that may be an N-bit (e.g., 256 bit) key which may be the root of the actual security context that is being used to protect the transfer of
  • the keys that are used in the confidentiality and integrity algorithms may be derived from K D.Sess , as an intermediate key; (4) a 16-bit K D.Sess lD that may identify the K D-Sess ; (5) PEK and/or PIK (the ProSe Encryption Key (PEK) and/or the ProSe Integrity Key (PIK)) which may be session keys used in the chosen confidentiality and/or integrity algorithms, respectively, to protect ProSe direct one-to- one communication over the PC5 interface.
  • PEK and/or PIK may be derived from the intermediate key Ko-sess-
  • the target WTRU 102 may initiate a direct security mode command procedure.
  • the target WTRU 102 may generate a Least Significant Byte (LSB) of the K D.S ess l D and may combine the LSB with the Most Significant Byte (MSB) of the K D-S ess I D that the WTRU 102 received in the DIRECT_COMMUNICATION_REQUEST message.
  • LSB Least Significant Byte
  • MSB Most Significant Byte
  • the target WTRU 102 may generate a nonce value (e.g., a N-bit nonce_2 value and/or 128-bit nonce_2 value). With K D , Nonce_1 (received in the DCR message) and/or Nonce_2, the target WTRU 102 may derive the intermediate key K D-S ess. The target WTRU 102 may send a DIRECT_SECURITY_MODE_COMMAND message to the initiating WTRU 102.
  • the DIRECT_SECURITY_MODE_COMMAND message may include the Nonce_2 and the least significant bits (e.g., the least significant 8-bits) of the K D.S ess ID.
  • the initiating WTRU 102 may calculate the intermediate key K D.S ess and/or the confidentiality and integrity keys (e.g., in the same way as the target WTRU 102).
  • the initiating WTRU 102 may send a DIRECT_SECURITY_MODE_COMPLETE message to the target WTRU 102.
  • the initiating WTRU 102 may form the K D.S ess ID by combining the LSB of the K D-S ess ID that the initiating WTRU 102 received in the DIRECT_SECURITY_MODE_COMMAND message and the MSB of the K D . sess ID that the initiating WTRU 102 has generated.
  • the intermediate key K D-S ess may be the root of the security association.
  • the intermediate key may be generated on or at the WTRUs 102.
  • a portion of the K D-S ess ID may locally identify a security context.
  • the initiating WTRU 102 may use the 8-bit MSB of the K D-S ess ID to locate the intermediate key K D-S ess and the target WTRU 102 may use the 8-bit LSB of the formed K D-S ess ID to locate the intermediate key K D-S ess for the link.
  • RRC e.g., the C-plane
  • RRC may be used as the signaling protocol over the PC5 interface, for example to exchange Access Stratum (AS) layer information (e.g., at least WTRU capabilities and/or an AS layer configuration).
  • AS Access Stratum
  • the exchange may be triggered during or after a unicast link establishment.
  • the WTRU capabilities and/or AS layer configuration may include and/or contain information (e.g., sensitive information) that may be security protected.
  • the RRC protocol may be used to transfer the information over the PC5 interface such that security may be established by the PC5 signaling over the U-plane (e.g., but only over the U-plane radio bearer (RB) for example as set forth herein).
  • the RRC messages sent over the C-plane may not be protected during the PC5 unicast link establishment.
  • the AS layer information may be sent after the unicast link establishment and security establishment at the RRC level.
  • the WTRU capabilities and/or AS layer configuration may then be sent.
  • certain AS layer information may be needed/used to verify if the link may be established or not (e.g., if the desired QoS may be met or if WTRUs 102 may be allowed to establish a communication). For example, if the information is transferred after the link establishment and the QoS cannot be met, the link may be disconnected, which may be inefficient and/or may cause overhead in the network.
  • a first message (e.g., a Direct Communication Request from PC5 signaling) sent for the link establishment may be protected, for example, since the first message may contain and/or include sensitive information (e.g., PC5 signaling parameters) and, if sent over RRC layer, the first message may contain and/or include RRC parameters that may be required to be integrity protected and/or encrypted.
  • sensitive information e.g., PC5 signaling parameters
  • V2X is disclosed herein as an example of one type of communication (unicast communication and/or communication using a PC5 interface), it is contemplated that other types of communications are equally possible, e.g. communication associated with drones and other consumer devices such as wearables using direct device to device or ProSe communication.
  • ProSe communication the procedures described herein by the V2X layer may be performed by the ProSe layer.
  • a secured transfer of WTRU capabilities & AS layer configuration information may be implemented, for example to enable communications using RRC over the PC5 interface.
  • the secured transfer may be provided for by any of: (1) combining the security establishment procedure from PC5 signaling and RRC layers together during unicast communication establishment to enable security protection of any data sent over the U-plane and/or C-plane, prior to the completion of the link establishment; (2) transmitting PC5 signaling over the C-plane and/or by triggering establishment of security protection at the RRC layer during unicast communication establishment; (3) triggering the establishment of security protection at the RRC layer prior to the initiation of the unicast communication establishment; and/or (4) replacing the ProSe signaling by the RRC protocol and/or by establishing security protection at the RRC layer, among others.
  • the security protection at the RRC layer may be obtained prior to the link establishment completion.
  • the AS layer information e.g. WTRU capabilities & AS layer configuration information
  • the AS layer information may be transferred once (e.g., after) the security is established and/or before completing the link establishment, for example to avoid the connection establishment followed by a quick disconnection, if or on condition that a determination that the link is not to be allowed.
  • methods, apparatus, systems, procedures and operations may be implemented to provide protection of an initial RRC message (e.g., for transporting the first communication establishment message).
  • V2X data and/or PC5 signaling may be sent over the U-plane and/or AS layer information may be sent over the C-plane.
  • the WTRU 102 may initiate the PC5 link establishment and may include an indication (e.g., a type of connection establishment connection ype’) specifying on to which layer security is or may be supported, used and/or required (e.g.,“U-Plane only” or“U-plane + C-plane”).
  • the WTRU 102 may include parameters for security establishment at V2X/PC5 signaling and, if“U-plane + C-plane” security may be or is supported, used and/or required, parameters for the security establishment at the RRC layer may be included such that, for example DSM operations from the V2X/PC5 signaling and the RRC layers may be combined.
  • 2 different sets of keys may be derived on the WTRU 102 including for example a first set of one or more keys that may be applied over the U- plane (e.g., for V2X/PC5 signaling) and a second set of one or more keys that may be applied over the C-plane (e.g., for RRC signaling).
  • the first and second sets of keys may be associated to the same session identifier (e.g., K D-S ess ID).
  • K D-S ess ID may be obtained at the PC5 signaling layer and may be used to locate the PC5 signaling security context for the communication link.
  • the K D-S ess ID may be passed to the RRC layer, which may derive one or more RRC associated keys (e.g., its own keys) and may associate the RRC associated keys with the same K D-S ess ID that may be used to locate the PC5 signaling & RRC security contexts.
  • Two set of security parameters may be sent in a single DSM message (e.g., different list of supported algorithms), for example to enable different levels of security to be applied at the C-plane and the U-plane.
  • the confidentiality protection may be negotiated between the WTRUs 102, for example to apply (e.g., only apply) the confidentiality protection at the U-plane and/or integrity & confidentiality protection at the C-plane (e.g., while the integrity & confidentiality protection are applied at the C-plane).
  • Examples of security parameters that may be exchanged between WTRUs 102 for the generation of a key at the PC5 signaling and/or the RRC layers may include any of:
  • a first WTRU 102a e.g., WTRU1
  • WTRU1 User Info 1
  • Noncel Noncel
  • WTRU security capabilities including for example a list of supported algorithms
  • IE KD ID information element
  • second WTRU 102b e.g., WTRU2
  • User Info 2 e.g., WTRU2
  • Nonce2 e.g., Nonce2
  • WTRU security capabilities including for example a list of supported algorithms and/or selected algorithm
  • an LSB of the KD-sess ID e.g., an MSB of KD ID IE
  • FIG. 3 is a diagram illustrating a representative procedure for combined security establishment provided at the PC5 signaling layer and/or over the U-plane.
  • a representative procedure 300 may include a first WTRU 102a (e.g., WTRU1) and a second WTRU 102b (e.g., WTRU2) each including a protocol stack (e.g., complementary protocol stacks) having a plurality of layers/entities.
  • Each stack may enable data communication via a user plane (U-plane) interface, and/or control signaling via either the U-plane interface or a C-plane interface.
  • U-plane user plane
  • Each stack may include, for example: (1) a V2X layer/sublayer that may enable a PC5 interface; (2) a Packet Data Convergence Protocol (PDCP) layer and/or (3) a MAC/RRC layer (e.g., an L2 layer).
  • the V2X layer/sublayer of the first WTRU 102a may include a V2X entity 305A and the V2X layer/sublayer of the second WTRU 102b may include a V2X entity 305B, for example to enable V2X/PC5 signaling between the first and second WTRUs 102.
  • the PDCP layer of the first WTRU 102a may include a PDPC entity 310A/320A which may include a PDPC U-plane portion 310A and/or a PDPC control plane (C-plane) portion 320A.
  • the PDCP layer of the second WTRU 102b may include a PDPC entity 310B/320B which may include a PDPC U-plane portion 310B and/or a PDPC C-plane portion 320B.
  • the MAC/RRC layer of the first WTRU 102a may include a MAC/RRC entity 315A and the MAC/RRC layer of the second WTRU 102b may include a MAC/RRC entity 315B to enable RRC signaling between the first and second WTRUs 102a and 102b.
  • a first WTRU 102a may initiate PC5 link establishment using a PC5-S message (e.g., a Direct Communication Request (DCR) message) sent from the V2X layer/entity 305A of the first WTRU 102a to the V2X layer/entity 305B of the second WTRU 102b via a PC5 interface (e.g., using PC5 signaling).
  • the DCR message may include: (1) a“connection ype” indication, for example, specifying that“U-plane + C-plane” security is used/required (e.g., indicating a security level of “U-plane + C-plane” security).
  • the message may include security parameters for a combined security establishment procedure at the V2X and MAC/RRC layers/entities 305/315 (e.g., parameters such as one or more supported algorithms for PC5 and RRC, and/or one or more nonces (e.g., nonce_1 s) for the PC5 and the RRC, among others) such that the DSM operations from V2X layer/entities 305 via PC5 signaling and from the MAC/RRC layer/entities 315 via RRC signaling may be combined.
  • security parameters for a combined security establishment procedure at the V2X and MAC/RRC layers/entities 305/315 e.g., parameters such as one or more supported algorithms for PC5 and RRC, and/or one or more nonces (e.g., nonce_1 s) for the PC5 and the RRC, among others
  • security parameters for a combined security establishment procedure at the V2X and MAC/RRC layers/entities 305/315 e.g., parameters such as one or
  • the DCR message may include a connection type/security level indicator, for example indicating a combined security/connection type for the U-plane and the C-plane, the PC5 signaling parameters for the first WTRU 102a and the security RRC parameters for the first WTRU 102a.
  • the V2X layer/entity 305B of the second WTRU 102b via PC5 signaling may use information of the first WTRU 102a received from the first WTRU 102a via the DCR message and its own information to derive keys (e.g., one or more U-plane keys) to be used by the PDCP entity 310B/320B (e.g., after configuration of the selected algorithm and/or keys by the V2X layer/entity 305B) for a bearer of the U-plane.
  • keys e.g., one or more U-plane keys
  • the V2X layer/entity 305B of the second WTRU 102b via signaling may inform the MAC/RRC layer/entity 315B of the second WTRU 102b (e.g., may send a link establishment message or signaling to the MAC/RRC layer/entity 315B) that link establishment is ongoing/supported and on condition that the“ connection ype” of service level indication is set to“U-plane + C-plane”, the V2X layer/entity 305B of the second WTRU 102b via PC5 signaling may provide parameters related to RRC security establishment (e.g., parameters received from the first WTRU 102a and parameters locally provisioned by the second WTRU 102b).
  • RRC security establishment e.g., parameters received from the first WTRU 102a and parameters locally provisioned by the second WTRU 102b.
  • the MAC/RRC layer/entity 315B of the second WTRU 102b using the parameters received from the V2X layer/entity 305B of the second WTRU 102b may derive another set of one or more keys for the MAC/RRC layer security protection (e.g., used for the C-plane).
  • the derived keys may be passed to the PDCP entity 320B of the second WTRU 102b handling security on the C-plane (e.g., bearers of the C-plane).
  • the V2X layer/entity 305B may provide PC5 signaling to the V2X layer/entity 305A and may initiate a security establishment procedure.
  • the security establishment procedure may include PC5 signaling of one or more parameters for security establishment at the V2X layer/entity 305B, (for example, the parameters may include one or more selected algorithms and/or nonces (e.g., nonce_2 for the PC5)) and/or another set of one or more parameters for security establishment at the MAC/RRC layer/entity 315B, (for example, one or more selected algorithms and/or nonces (e.g., nonce_2 forthe MAC/RRC layer/entity 315B) may be specified in a single DSM Command message.
  • the SMC Request message may be integrity protected and/or may be sent over the U-plane.
  • the SMC message may include a security level indicator, for example indicating combined security for the U-plane and the C-plane, the PC5 signaling parameters for the second WTRU 102b and the security RRC parameters for the second WTRU 102b.
  • a security level indicator for example indicating combined security for the U-plane and the C-plane, the PC5 signaling parameters for the second WTRU 102b and the security RRC parameters for the second WTRU 102b.
  • the V2X layer/entity 305A of the first WTRU 102a via PC5 signaling may receive parameters from a peer WTRU (e.g., the second WTRU 102b) and may derive one or more keys for the PDCP layer/entity 310A/320A handling the bearer (e.g., of the U-plane) prior to the link establishment completion.
  • a peer WTRU e.g., the second WTRU 102b
  • the bearer e.g., of the U-plane
  • the V2X layer/entity 305A of the first WTRU 102a via interlayer signaling and/or PC5 signaling may inform the MAC/RRC layer/entity 315A of the first WTRU 102a that the link establishment (e.g., security establishment) is ongoing/supported and may provide one or more parameters related to the RRC security establishment (e.g., one or more parameters received from the second WTRU 102b and/or one or more parameters locally provisioned by the first WTRU 102a).
  • the link establishment e.g., security establishment
  • the MAC/RRC layer/entity 315A may derive another set of one or more keys for C-plane protection, prior to the link establishment completion (e.g., security establishment completion) and/or transmission of the first WTRU capabilities & AS layer configuration over or using RRC signaling.
  • the derived keys may be passed to the PDCP entity handling security on the C-plane (e.g., the bearers of the C-plane).
  • the V2X layer/entity 305A via PC5 signaling may complete the security establishment, for example by sending a single DSM Complete message that may be ciphered and/or integrity protected over or using the U-plane.
  • the DSM Complete message may include a security level indicator, for example indicating combined security for the U-plane and the C-plane, the PC5 signaling parameters for the second WTRU 102b and the security RRC parameters for the second WTRU 102b.
  • the V2X layer/entity 305B of the second WTRU 102b may signal to the MAC/RRC layer/entity 315B of the second WTRU 102b to inform the MAC/RRC layer/entity 315B of the security establishment completion.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a and the MAC/RRC layer/entity 315B of the second WTRU 102b may transfer/exchange (e.g., securely transfer/securely exchange) the WTRU capabilities & AS layer configuration information of the first and second WTRUs 102a and 102b over or using the C-plane (e.g., via RRC signaling), prior to the link establishment completion.
  • Operations 385A/390A and 385B/390B may be alternative operations.
  • the MAC/RRC layer/entity 315B may send a signal (e.g., an interlayer or PC5 signal to the V2X layer/entity 305B to inform the V2X layer/entity 305B of successful link establishment.
  • a signal e.g., an interlayer or PC5 signal
  • the V2X layer/entity 305B may send an accept message (e.g., a Direct Communication Accept message) that may be ciphered and/or integrity protected over or using the U-plane to the V2X layer/entity 305A of the first WTRU 102a (e.g., the source WTRU) to complete the link establishment procedure.
  • the V2X layer/entities 315 may send (e.g., now send) security protected messages over the U-plane.
  • the MAC/RRC layer/entity 315B may send a signal (e.g., an interlayer or PC5 signal to the V2X layer/entity 305B to inform the V2X layer/entity 305B of an unsuccessful link establishment (e.g., failure of the link establishment procedure).
  • a signal e.g., an interlayer or PC5 signal to the V2X layer/entity 305B to inform the V2X layer/entity 305B of an unsuccessful link establishment (e.g., failure of the link establishment procedure).
  • the V2X layer/entity 305B of the second WTRU 102b may reject the link establishment and, thus, the V2X layer/entity 305B of the second WTRU 102b cannot send data.
  • the V2X layer/entity 305B may send a reject message (e.g., a Direct Communication Reject message) that may be ciphered and/or integrity protected over or using the U-plane to the V2X layer/entity 305A of the first WTRU 102a (e.g., the source WTRU).
  • a reject message e.g., a Direct Communication Reject message
  • PC5 signaling may be sent over the C-plane and V2X data may be sent over the U-plane.
  • the security establishments for the U-plane and the C-plane may be combined.
  • the same actors and operations may apply (e.g., the DSM procedure may be executed (e.g., still executed) at the V2X/PC5 signaling layer and/or the DSM messages and PC5 signaling messages may be sent over the C-plane (in this case the double lined arrows would instead be represented by triple lined arrows).
  • the PC5 signaling and/orthe security establishment may be handled over the C-plane.
  • the link establishment may be handled at the PC5 signaling layer and the security establishment (e.g., the DSM procedure) may be handled at the RRC layer.
  • the PC5 signaling layer may trigger the establishment of the security protection at the RRC layer during a unicast communication establishment.
  • the C-plane may be protected prior to the link establishment completion.
  • the PC5 signaling may be sent over the C-plane and may be protected (for example, except for the initial DCR message which may be sent in the clear, for example without being protected).
  • FIG. 4 is a diagram illustrating a representative procedure for PC5 signaling over the C- plane with security establishment at the RRC layer.
  • the representative procedure 400 may include, at 410, a first WTRU 102a initiating PC5 link establishment using a message (e.g., a Direct Communication Request (DCR) message) sent from the V2X layer/entity 305A of the first WTRU 102a to the V2X layer/entity 305B of the second WTRU 102b via a PC5 interface (e.g., using PC5 signaling).
  • the DCR message may include: (1) a connection_type/security level indication, for example, specifying that C-plane security is used/required.
  • the message may include security parameters for a C-plane security establishment procedure at the V2X and MAC/RRC layers/entities 305/315 (e.g., parameters such as one or more supported algorithms for C-plane security and/or one or more nonce_1 s, among others).
  • security parameters for a C-plane security establishment procedure at the V2X and MAC/RRC layers/entities 305/315 e.g., parameters such as one or more supported algorithms for C-plane security and/or one or more nonce_1 s, among others.
  • the DCR message may be sent over the U-plane and may be sent in the clear.
  • the V2X layer/entity 305B of the second WTRU 102b via signaling may inform the MAC/RRC layer/entity 315B of the second WTRU 102b (e.g., may send a link establishment message or signaling to the MAC/RRC layer/entity 315B) that link establishment is ongoing/supported and on condition that the connection_type/security level indication is set to“C-plane”, the V2X layer/entity 305B of the second WTRU 102b via interlayer signaling or PC5 signaling may provide parameters related to C-plane (e.g., RRC) security establishment (e.g., parameters received from the first WTRU 102a and parameters locally provisioned by the second WTRU 102b).
  • C-plane e.g., RRC
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may use information of the first WTRU 102a via the DCR message and its own information to derive keys (e.g., one or more C-plane keys) to be used by the PDCP entity 310B/320B for the C-plane.
  • keys e.g., one or more C-plane keys
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may send a DSM Command message to the MAC/RRC layer/entity 315A of the first WTRU 102a.
  • the DSM Command message may be integrity protected and may include any of: (1) a connection type/security level indication specified as“C-plane”; and/or (2) one or more security parameters (e.g., RRC) security parameters of the second WTRU 102b.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may derive one or more keys (e.g., security keys) for use by the PDCP C-plane.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may send a DSM Complete message to the MAC/RRC layer/entity 315B of the second WTRU 102b.
  • the DSM Complete message may be ciphered and/or integrity protected and may include any of: (1) a connection type/security level indication, for example, specified as“C-plane”; and/or (2) one or more security parameters (e.g., RRC) security parameters of the second WTRU 102b.
  • RRC Access Stratum
  • AS Access Stratum
  • the MAC/RRC layer/entity 315B may send a signal (e.g., an interlayer or PC5 signal to the V2X layer/entity 305B of the second WTRU 102b to inform the V2X layer/entity 305B of a successful link establishment.
  • a signal e.g., an interlayer or PC5 signal to the V2X layer/entity 305B of the second WTRU 102b to inform the V2X layer/entity 305B of a successful link establishment.
  • the V2X layer/entity 305B may send an accept message (e.g., a Direct Communication Accept message) that may be ciphered and/or integrity protected to the V2X layer/entity 305A of the first WTRU 102a (e.g., the source WTRU) to complete the link establishment procedure
  • the MAC/RRC layer/entities 315 may send (e.g., now send) security protected messages over the C-plane.
  • the V2X data may be sent over the C-plane and/or over the U- plane.
  • security may be established over the U-plane in addition to or in lieu of such security at the C-plane.
  • security may be used over the C-plane and the U-plane concurrently, overlapping in time and/or at the same time.
  • the U-plane and/or C-plane security establishments may be combined.
  • the security establishment procedure may be handled at the MAC/RRC layer, a higher layer and/or a lower layer, among others.
  • the PC5 signaling security parameters (e.g., selected algorithm, and/or nonce_2 for PC5, among others) sent to the first WTRU 102a using the DSM Command message may need to be and/or may be passed to the PC5 signaling layer (e.g., by the MAC/RRC layer) so that one or more keys for the PDCP U-plane may be derived at or on the first WTRU 102a.
  • the PC5 signaling security parameters e.g., selected algorithm, and/or nonce_2 for PC5, among others
  • the PC5 signaling security parameters may need to be and/or may be passed to the PC5 signaling layer (e.g., by the MAC/RRC layer) so that one or more keys for the PDCP U-plane may be derived at or on the first WTRU 102a.
  • FIG. 5 is a diagram illustrating a representative procedure for combined security establishment & AS layer information transfer (e.g., performed at the MAC/RRC layer).
  • the procedure 500 may include, at 510, a first WTRU 102a initiating PC5 link establishment using a message (e.g., a DCR message) sent from the V2X layer/entity 305A of the first WTRU 102a to the V2X layer/entity 305B of the second WTRU 102b via a PC5 interface (e.g., using PC5 signaling).
  • the DCR message may include: (1) a connection_type/security level indication, for example, specifying that C-plane security is used/required and/or RRC security parameters of the first WTRU 102a.
  • the message may include security parameters for a C-plane security establishment procedure at the V2X and/or RRC layers/entities 305/315 (e.g., parameters such as one or more supported algorithms for C- plane security and/or one or more nonces, among others).
  • security parameters for a C-plane security establishment procedure at the V2X and/or RRC layers/entities 305/315 e.g., parameters such as one or more supported algorithms for C- plane security and/or one or more nonces, among others.
  • the DCR message may be sent over the C-plane and/or may be sent in the clear.
  • the V2X layer/entity 305B of the second WTRU 102b via signaling may inform the MAC/RRC layer/entity 315B of the second WTRU 102b (e.g., may send a link establishment message or signaling to the MAC/RRC layer/entity 315B) that link establishment is ongoing/supported and on condition that the connection_type/security level indication is set to“C-plane”, the V2X layer/entity 305B of the second WTRU 102b via interlayer signaling or PC5 signaling may provide parameters related to C-plane (e.g., RRC) security establishment (e.g., parameters received from the first WTRU 102a and parameters locally provisioned by the second WTRU 102b).
  • C-plane e.g., RRC
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may use information of the first WTRU 102a send via the DCR message and its own information to derive keys (e.g., one or more C-plane keys) to be used by the PDCP entity 310B/320B for the C-plane.
  • keys e.g., one or more C-plane keys
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may send a Direct Security Mode (DSM) Command message to the MAC/RRC layer/entity 315A of the first WTRU 102a.
  • the DSM Command message may be integrity protected.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may derive one or more keys (e.g., security keys) for the PDCP C-plane.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may send a DSM Complete message to the MAC/RRC layer/entity 315B of the second WTRU 102b.
  • the DSM Complete message may be ciphered and/or integrity protected and may include AS layer information of the first WTRU 102a.
  • the MAC/RRC layer/entity 315B of the first WTRU 102b may send a DSM Acknowledgement (ACK) to the MAC/RRC layer/entity 315A of the first WTRU 102a.
  • the DSM ACK may be ciphered and/or integrity protected and may include AS layer information of the second WTRU 102b.
  • the MAC/RRC layer/entity 315B may send a signal (e.g., an interlayer or PC5 signal) to the V2X layer/entity 305B of the second WTRU 102b to inform the V2X layer/entity 305B of a successful link establishment.
  • a signal e.g., an interlayer or PC5 signal
  • the V2X layer/entity 305B may send an accept message (e.g., a Direct Communication Accept message) that may be ciphered and/or integrity protected over or using the C-plane to the V2X layer/entity 305A of the first WTRU 102a (e.g., the source WTRU) to complete the link establishment procedure
  • the MAC/RRC layer/entities 315 may send (e.g., now send) security protected messages over the C-plane.
  • the handling of the security establishment at the MAC/RRC layer may enable the combination of the security establishment and the transfer of the AS layer information (e.g., the WTRU capabilities, AS configuration information, SRB/DRB (e.g., Sidelink SRB/DRB) setup/configuration parameters & logical channel information).
  • the AS layer information may be sensitive information and may be or is to be ciphered and/or integrity protected.
  • The“DSM Command” may be integrity protected and may or may not be ciphered.
  • the DSM Command may be used to transport sensitive information on condition that integrity protection (e.g., only integrity protection) is used and/or required. If ciphering is used and/or required in addition to integrity protection, a DSM Command may not be used.
  • a procedure may be implemented that may be used when ciphering and integrity protection are used/required.
  • the security establishment procedure may be re-used and/or modified for this purpose, e.g., the AS layer information, may be carried on the“DSM Complete” message and a new message“DSM Ack” may be added.
  • FIG. 5 focuses on the combination of security establishment procedure and the AS layer information transfer such that parameters about the security establishment as shown on other figures are not repeated, for brevity.
  • FIG. 6 is a diagram illustrating a representative procedure for security establishment at the RRC layer prior to the PC5 link establishment.
  • representative procedure 600 may include, at 610, a first WTRU 102a initiating PC5 link establishment using a message (e.g., a security establishment message) using interlayer and/or PC5 signaling.
  • the message may be sent from the V2X layer/entity 305A of the first WTRU 102a to the MAC/RRC layer/entity 315A or the first WTRU 102a.
  • the message may include the RRC security parameters of the first WTRU 102a.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may send a request message (e.g., a Direct Security Mode (DSM) Command message) from the MAC/RRC layer/entity 315A of the first WTRU 102a to the MAC/RRC layer/entity 315B of the second WTRU 102b.
  • the DSM Command message may be sent in the clear (e.g., without security protection).
  • the DSM Command message may include the RRC security parameters of the first WTRU 102a.
  • the message may include security parameters for a C-plane security establishment procedure (e.g., parameters such as one or more supported algorithms for C-plane security and/or one or more nonces, among others).
  • the message may be protected as described herein (e.g., signed with a provisioned certificate).
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may send a message (e.g., a security establishment message) using interlayer and/or PC5 signaling to the V2X layer/entity 305B of the second WTRU 102b.
  • the V2X layer/entity 305B of the second WTRU 102b may send a message (e.g., a security establishment message) to the MAC/RRC layer/entity 315B of the second WTRU 102b.
  • the message may include the RRC security parameters, for example of the first WTRU 102a sent via the DSM Command message and RRC security parameters of the second WTRU 102b.
  • the V2X layer/entity 305B may obtain the RRC security parameters and may pass these parameters to the MAC/RRC layer/entity 315B, via interlayer communication and/or the V2X layer/entity 305B may derive the RRC security parameters and may pass these parameters to the MAC/RRC layer/entity 315B, via the interlayer communication.
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may use information of the first WTRU 102a and its own information to derive keys (e.g., one or more C-plane keys) to be used by the PDCP entity 310B/320B for the C-plane.
  • keys e.g., one or more C-plane keys
  • the MAC/RRC layer/entity 315B of the second WTRU 102b may send a DSM Complete message to the MAC/RRC layer/entity 315A of the first WTRU 102a.
  • the DSM Complete message may be integrity protected and may include the RRC security parameters of the second WTRU 102b.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a may derive one or more keys (e.g., security keys) for the PDCP C-plane.
  • the MAC/RRC layer/entity 315A of the first WTRU 102a and the MAC/RRC layer/entity 315B of the second WTRU 102b may exchange AS layer information over the C-plane.
  • the AS layer information may be ciphered and/or integrity protected.
  • the MAC/RRC layer/entity 315A may send a signal (e.g., an interlayer or PC5 signal to the V2X layer/entity 305A of the first WTRU 102a to inform the V2X layer/entity 305A of a successful link establishment.
  • the V2X layer/entity 305A may send a request message (e.g., a Direct Communication Request message) that may be ciphered and/or integrity protected over or using the C-plane to the V2X layer/entity 305B of the second WTRU 102b to request the link establishment procedure.
  • a request message e.g., a Direct Communication Request message
  • the V2X layer/entity 305B may send an accept message (e.g., a Direct Communication Accept message) that may be ciphered and/or integrity protected over or using the C-plane to the V2X layer/entity 305A of the first WTRU 102a to accept the link establishment procedure
  • the MAC/RRC layer/entities 315 may send (e.g., now send) security protected messages over the C- plane.
  • the PC5 signaling and the security establishment may be handled over the C-plane.
  • the link establishment may be handled at the PC5 signaling layer and the security establishment (e.g., the DSM procedure) may be handled at the RRC layer.
  • the difference in comparison of this embodiment to previous embodiments, may be that the PC5 signaling layer may trigger the establishment of the security protection at the RRC layer prior to the unicast communication establishment.
  • the C-plane may be protected prior to the start of the link establishment.
  • PC5 signaling may be sent over the C-plane and may be protected.
  • PC5 signaling may be sent over the U-plane following the security establishment and AS layer information transfer over the C-plane.
  • the RRC security parameters may be obtained from the V2X layer 305, which may be provisioned with the RRC security parameters.
  • the initial RRC message at operation 620 is illustrated as being sent in the“clear” (e.g., without being ciphered and/or integrity protected).
  • the initial RRC message may be protected as described herein (e.g. signed with a provisioned certificate).
  • the PC5 signaling may be replaced with an RRC protocol for the unicast link establishment.
  • the V2X layer may trigger the RRC layer to establish the communication and establish the security.
  • the V2X layer may provide parameters indicating the connection type, (e.g.,“U-plane + C-plane” or“C-plane only”, among others).
  • the RRC layer may be responsible to setup the C-plane and/or the U-plane.
  • the initial RRC message that is sent in any of the scenarios described herein is shown as being sent in the“clear” (e.g., without being security protected).
  • the reason for the message being sent in the clear is that the security may be established after the transmission of this initial message such that the keys are not yet derived.
  • the initial message may contain or include RRC parameters that are sensitive and that may need to be integrity protected and/or encrypted. To overcome sensitive information/parameters being exposed, any of the following may be implemented in addition to or in lieu of other disclosed embodiments:
  • the WTRUs 102 may be provisioned with certificates for security protection, e.g., related to V2X communications. It is contemplated to use a certificate for the protection of the initial RRC message, e.g., the WTRU 102 may sign the DCR message with its certificate.
  • the peer WTRU 102b may check the message signature using a provisioned root certificate. The peer WTRU 102b may derive its session keys, and may integrity protect the next message to be sent such that the initial RRC message (e.g., only the initial RRC message) is to be or needs to be protected using the certificate); and/or
  • the WTRU 102a and the peer WTRU 102b may be served by the same gNB 180 and/or may be in a common coverage area associated with a gNB 180.
  • the WTRU 102 may obtain security related information to be used at the RRC layer (e.g., security parameters like the ones provided by the PC5 signaling layer on the DCR message and/or temporary keys) to protect the initial RRC message. Similar to the provisioned certificates, only the initial RRC message is to be or needs to be protected using the information/parameters from the gNB 180).
  • the AS layer may send and/or may need to send information during the link establishment procedure.
  • (1) WTRU capabilities may be sent to the peer WTRU 102 to make sure the link may be established; or (2) AS configuration information may be communicated/exchanged (e.g., may need to be exchanged), e.g., to agree on various parameters, for example the used/required QoS.
  • the AS layer information e.g., the WTRU capabilities & AS layer configuration information
  • WTRU capabilities which may consist of or include, for example a list of security algorithms that are supported, i.e., security capabilities.
  • certain information/parameter may not be exchanged or may not need to be exchanged for each link establishment between two WTRUs 102a and 102b. For example, if a WTRU 102a already has the capabilities associated with a peer WTRU 102b (from a previous link establishment) capability transfer may not be used/needed); and/or
  • AS layer configuration information (which may consist of or include, for example any of: a Sequence Number (SN) length (e.g., for PDCP), an RLC mode, a QoS profile, a resource pool configuration, an RLF/RLM configuration, and/or a reference signal configuration, among others.
  • the AS layer configuration information may be or may need to be exchanged with each link establishment between two WTRUs 102a and 102b), among others.
  • A“Connection_type”/service level indication may be provisioned on a per V2X application basis in addition to or in lieu of the PC5 signaling security parameters (e.g., the list of supported algorithms, etc.).
  • the Connection_type may be specified in the DCR message.
  • a set of parameters for C-plane and/or U-plane may be specified or may need to be specified on the same message.
  • Connection_type may be represented by a multibit value indicating any of the following: a Connection_type and/or security level of“U-plane only”, “U-plane + C-plane” or“C-plane only”.
  • a set of security parameters (e.g. algorithm, etc., again per V2X application) for C-plane may be provisioned if the“connection_type” indicates“C-plane” or “U-plane + C-plane”, in addition to the set of parameters for the U-plane.
  • the PC5 signaling over the C-plane or the U-plane may be provisioned on a per V2X application basis, and may indicate if the PC5 signaling is to be sent over the U-plane or the C- plane.
  • the link establishment and messages transfer are done, accordingly.
  • the V2X data over the C-plane or the U-plane may be provisioned on a per V2X application and may indicate if the V2X data packets may be or are to be sent over the U-plane or the C-plane.
  • FIG. 7 is a flowchart illustrating a representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 700 may include, at 710, the WTRU (e.g., WTRU 102a) sending, to the other WTRU (e.g., WTRU 102b) via a PC5 interface, a communication request indicating first security information for the WTRU 102a.
  • the WTRU 102a may receive, from the other WTRU 102b via the PC5 interface, information which is integrity protected indicating second security information for the other WTRU 102b.
  • the WTRU 102a may derive, from the indicated second security information, a first set of security keys for communication via a first layer using the U-plane and a second set of security keys for communication via a second layer using the C-plane.
  • the WTRU 102a may send, to the other WTRU 102b via the PC5 interface, a message that is at least integrity protected using the derived first set of keys.
  • the communication request may include information indicating a connection type or a service level of a first type that uses both a user plane (U-plane) and a control plane (C-plane), and/or the first security information for the WTRU 102a.
  • U-plane user plane
  • C-plane control plane
  • the information received via the PC5 interface which is integrity protected may be included in a Direct Security Mode (DSM) Command message.
  • DSM Direct Security Mode
  • the second security information may include parameters associated with the first and second layers in accordance with the first type of connection indicated, for example, in the sent communication request.
  • the communication request may be sent in the clear (e.g., without security protection).
  • the WTRU 102a may verify an integrity of the DSM Command prior to sending the message.
  • the first layer may be a V2X layer and the second layer may be a Radio Resource Control (RRC) layer.
  • RRC Radio Resource Control
  • the derivation of the first set of security keys for communication via the first layer using the U-plane and the second set of security keys for communication via the second layer using the C-plane may include deriving one or more security keys by a V2X layer, as the first layer, and one or more further security keys by a Radio Resource Control (RRC) layer, as the second layer.
  • RRC Radio Resource Control
  • the derived keys may be used by a Packet Data Convergence Protocol (PDCP) layer.
  • PDCP Packet Data Convergence Protocol
  • connection type/security level may indicate one of: (1) the first type of connection/service level that uses both U-plane and C-plane resources; (2) a second type of connection/service level that uses only U-plane resources; or (3) a third type of connection/service level that uses only C-plane resources.
  • the message may include WTRU capabilities and Access Stratum (AS) layer configuration information that may be ciphered and/or integrity protected.
  • AS Access Stratum
  • FIG. 8 is a flowchart illustrating another representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 800 may include, at 810, the WTRU (e.g., WTRU 102a) receiving from the other WTRU 102a via a PC5 interface, a communication request including a connection type/service level indicating a first type of connection/service level using both a user plane (U-plane) and a control plane (C-plane), and/or first security information for the other WTRU 102a.
  • the WTRU 102b may derive, from the first security information, a first set of security keys for communication via a first layer using the U-plane and/or a second set of security keys for communication via a second layer using the C-plane.
  • the WTRU 102b may send, to the other WTRU 102a via the PC5 interface, a Direct Security Mode (DSM) Command message which may be integrity protected indicating second security information for the WTRU 102b.
  • DSM Direct Security Mode
  • the WTRU 102b may receive, from the other WTRU 102a via the PC5 interface, a message that is at least integrity protected using the derived first set of keys.
  • the second security information may include parameters associated with the first and second layers in accordance with the first type of connection/service level indicated in the received communication request.
  • the communication request may be received in the clear (e.g., without security/security protection).
  • the WTRU 102b may provide integrity protection for the DSM Command message to be sent to the other WTRU 102a.
  • the first layer may be a V2X layer and/or the second layer may be a Radio Resource Control (RRC) layer.
  • RRC Radio Resource Control
  • the derivation of the first set of security keys for communication via the first layer using the U-plane and/or the second set of security keys for communication via the second layer using the C-plane may include deriving one or more security keys by a V2X layer, as the first layer, and one or more further security keys by a Radio Resource Control (RRC) layer, as the second layer, and the derived keys may be used by a Packet Data Convergence Protocol (PDCP) layer.
  • RRC Radio Resource Control
  • PDCP Packet Data Convergence Protocol
  • connection type/service level may indicate one of: (1) the first type of connection/service level that uses both U-plane and C-plane resources; (2) a second type of connection/service level that uses only U-plane resources; or (3) a third type of connection/service level that uses only C-plane resources.
  • the message may include WTRU capabilities and Access Stratum (AS) layer configuration information that may be ciphered and/or integrity protected.
  • the WTRU 102b may receive with the communication request a security certificate signed by a trusted entity to validate the WTRU 102a to the other WTRU 102b.
  • FIG. 9 is a flowchart illustrating a further representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 900 may include, at 910, the WTRU (e.g., WTRU 102a) sending to the other WTRU (e.g., WTRU 102b) via a PC5 interface, a communication request including first security information associated with the WTRU 102a.
  • the WTRU 102a may receive by a second layer of the WTRU 102a from the second layer of the other WTRU 102b, a Direct Security Mode (DSM) Command which may be integrity protected and indicating second security information for the other WTRU 102b.
  • DSM Direct Security Mode
  • the WTRU 102a may derive from the second security information, a set of security keys for communication via the C-plane.
  • the WTRU 102a may send to the other WTRU 102b, a message that may at least be integrity protected using the derived set of keys.
  • the WTRU 102a may receive from the other WTRU 102b via the PC5 interface via the first layer, a communication accept message that may be ciphered and/or integrity protected.
  • the sending of the message that is at least integrity protected using the derived set of keys may include exchanging AS layer information via the second layer, which may be ciphered and integrity protected.
  • the sending of the message that is at least integrity protected using the derived set of keys may include sending a DSM Complete message indicating AS layer information associated with the other WTRU 102b that is ciphered and integrity protected.
  • the WTRU 102a may receive, via the second layer, a DSM Acknowledgement, that may be ciphered and integrity protected, indicating AS layer information associated with the WTRU 102b.
  • FIG. 10 is a flowchart illustrating an additional representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 1000 may include, at 1010, the WTRU (e.g., WTRU 102b) receiving from the other WTRU 102a via a first layer, a communication request including first security information associated with the other WTRU 102a.
  • the WTRU 102b may send, by the first layer of the WTRU 102b to a second layer of the WTRU 102b, a link establishment message.
  • the WTRU 102b may derive, from the first security information, a set of security keys for communication via the C-plane.
  • the WTRU 102b may send, from the second layer of the WTRU 102b to the second layer of the other WTRU 102a, a Direct Security Mode (DSM) command, which may be integrity protected indicating second security information for the WTRU 102b.
  • DSM Direct Security Mode
  • the WTRU 102b may receive from the other WTRU 102a via the second layer, a message that may be at least integrity protected using the derived set of keys.
  • the WTRU 102b may send to the other WTRU 102a via the PC5 interface via the first layer, a communication accept message that may be ciphered and/or integrity protected.
  • the reception of the message that may be at least integrity protected using the derived set of keys may include exchanging AS layer information via the second layer, which may be ciphered and/or integrity protected.
  • the reception of the message that may be at least integrity protected using the derived set of keys may include receiving a DSM Complete message indicating AS layer information associated with the other WTRU 102b that may be ciphered and/or integrity protected.
  • the WTRU 102b may send, via the second layer, a DSM Acknowledgement, that may be ciphered and/or integrity protected, indicating AS layer information associated with the WTRU 102b.
  • FIG. 1 1 is a flowchart illustrating yet another representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 1100 may include, at 1 1 10, a first layer of the WTRU 102b receiving from the first layer of the other WTRU 102a, a Direct Security Mode (DSM) Command indicating first security information for the other WTRU 102a.
  • the WTRU 102b may send, by the first layer of the WTRU 102b to a second layer of the WTRU 102b, a security establishment message.
  • the WTRU 102b may receive, by the first layer of the WTRU 102b from the second layer of the WTRU 102b, the first security information for the WTRU 102b.
  • the WTRU 102b may send and/or may receive over or using the C-plane, by the first layer of the WTRU 102b, Access Stratum (AS) layer information that may be ciphered and/or integrity protected.
  • AS Access Stratum
  • the WTRU 102b may receive from the other WTRU 102a via a PC5 interface via the C-plane, a communication request that may be ciphered and/or integrity protected using C-plane keys.
  • the WTRU 102b may send to the other WTRU 102a via a PC5 interface via the C-plane, a communication accept message that may be ciphered and/or integrity protected using C-plane keys.
  • the first layer of the WTRU 102b may send to the first layer of the other WTRU 102a that may be associated with the C-plane, a DSM Complete including second security information for the WTRU 102b that may be integrity protected.
  • the WTRU 102b may derive from the first security information, a set of security keys for communication via the C-plane used by the first layer.
  • FIG. 12 is a flowchart illustrating yet further representative security procedure (e.g., for unicast communications by a WTRU with another WTRU).
  • the representative procedure 1200 may include, at 1210, a first layer of the WTRU 102a receiving, from a second layer of the WTRU 102a, a security establishment message including first security information for the WTRU 102a.
  • the WTRU 102a may send, by the first layer of the WTRU 102a to the first layer of the other WTRU 102b, a Direct Security Mode (DSM) Command indicating the received first security information for the WTRU 102a.
  • DSM Direct Security Mode
  • the WTRU 102a may receive a DSM Complete message indicating second security information for the other WTRU 102b.
  • the WTRU 102a may derive, from the second security information, a set of security keys for communication via the C-plane used by the first layer.
  • the WTRU 102a may send and/or may receive, by the first layer of the WTRU 102a, Access Stratum (AS) layer information that may be ciphered and/or integrity protected.
  • AS Access Stratum
  • the WTRU 102a may send, to the other WTRU 102b via a PC5 interface via the C-plane, a communication request that may be ciphered and/or integrity protected.
  • the WTRU 102a may receive, from the other WTRU 102b via the PC5 interface via the C-plane, a communication accept message that may be ciphered and/or integrity protected.
  • the reception of the DSM Complete indicating second security information for the other WTRU 102b may include receiving, by the first layer of the WTRU 102a from the first layer of the other WTRU 102b, the DSM Complete including the second security information for the other WTRU 102b that may be integrity protected.
  • Systems and methods for processing data may be performed by one or more processors executing sequences of instructions contained in a memory device. Such instructions may be read into the memory device from other computer- readable mediums such as secondary data storage device(s). Execution of the sequences of instructions contained in the memory device causes the processor to operate, for example, as described above. In alternative embodiments, hard-wire circuitry may be used in place of or in combination with software instructions to implement the present invention. Such software may run on a processor which is housed within a vehicle and/or another mobile device remotely. In the later a case, data may be transferred via wireline or wirelessly between the vehicles or other mobile device.
  • ROM read only memory
  • RAM random access memory
  • register cache memory
  • semiconductor memory devices magnetic media such as internal hard disks and removable disks, magneto-optical media, and optical media such as CD- ROM disks, and digital versatile disks (DVDs).
  • a processor in association with software may be used to implement a radio frequency transceiver for use in a WTRU, UE, terminal, base station, RNC, or any host computer.
  • processing platforms, computing systems, controllers, and other devices containing processors are noted. These devices may contain at least one Central Processing Unit (“CPU”) and memory.
  • CPU Central Processing Unit
  • an electrical system represents data bits that can cause a resulting transformation or reduction of the electrical signals and the maintenance of data bits at memory locations in a memory system to thereby reconfigure or otherwise alter the CPU's operation, as well as other processing of signals.
  • the memory locations where data bits are maintained are physical locations that have particular electrical, magnetic, optical, or organic properties corresponding to or representative of the data bits. It should be understood that the representative embodiments are not limited to the above- mentioned platforms or CPUs and that other platforms and CPUs may support the provided methods.
  • the data bits may also be maintained on a computer readable medium including magnetic disks, optical disks, and any other volatile (e.g., Random Access Memory (“RAM”)) or non-volatile (e.g., Read-Only Memory (“ROM”)) mass storage system readable by the CPU.
  • the computer readable medium may include cooperating or interconnected computer readable medium, which exist exclusively on the processing system or are distributed among multiple interconnected processing systems that may be local or remote to the processing system. It is understood that the representative embodiments are not limited to the above-mentioned memories and that other platforms and memories may support the described methods. It should be understood that the representative embodiments are not limited to the above-mentioned platforms or CPUs and that other platforms and CPUs may support the provided methods.
  • any of the operations, processes, etc. described herein may be implemented as computer-readable instructions stored on a computer-readable medium.
  • the computer-readable instructions may be executed by a processor of a mobile unit, a network element, and/or any other computing device.
  • Suitable processors include, by way of example, a general purpose processor, a special purpose processor, a conventional processor, a digital signal processor (DSP), a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs); Field Programmable Gate Arrays (FPGAs) circuits, any other type of integrated circuit (IC), and/or a state machine.
  • DSP digital signal processor
  • ASICs Application Specific Integrated Circuits
  • ASSPs Application Specific Standard Products
  • FPGAs Field Programmable Gate Arrays
  • the terms“station” and its abbreviation“STA”, “user equipment” and its abbreviation “UE” may mean (i) a wireless transmit and/or receive unit (WTRU), such as described infra; (ii) any of a number of embodiments of a WTRU, such as described infra; (iii) a wireless-capable and/or wired- capable (e.g., tetherable) device configured with, inter alia, some or all structures and functionality of a WTRU, such as described infra; (iii) a wireless-capable and/or wired-capable device configured with less than all structures and functionality of a WTRU, such as described infra; or (iv) the like.
  • WTRU wireless transmit and/or receive unit
  • FIGS. 1A-1 D Details of an example WTRU, which may be representative of any UE recited herein, are provided below with respect to FIGS. 1A-1 D.
  • ASICs Application Specific Integrated Circuits
  • FPGAs Field Programmable Gate Arrays
  • DSPs digital signal processors
  • a signal bearing medium examples include, but are not limited to, the following: a recordable type medium such as a floppy disk, a hard disk drive, a CD, a DVD, a digital tape, a computer memory, etc., and a transmission type medium such as a digital and/or an analog communication medium (e.g., a fiber optic cable, a waveguide, a wired communications link, a wireless communication link, etc.).
  • a signal bearing medium include, but are not limited to, the following: a recordable type medium such as a floppy disk, a hard disk drive, a CD, a DVD, a digital tape, a computer memory, etc.
  • a transmission type medium such as a digital and/or an analog communication medium (e.g., a fiber optic cable, a waveguide, a wired communications link, a wireless communication link, etc.).
  • any two components so associated may also be viewed as being “operably connected”, or “operably coupled”, to each other to achieve the desired functionality, and any two components capable of being so associated may also be viewed as being “operably couplable” to each other to achieve the desired functionality.
  • operably couplable include but are not limited to physically mateable and/or physically interacting components and/or wirelessly interactable and/or wirelessly interacting components and/or logically interacting and/or logically interactable components.
  • the phrase “A or B” will be understood to include the possibilities of “A” or “B” or “A and B.”
  • the terms “any of followed by a listing of a plurality of items and/or a plurality of categories of items, as used herein, are intended to include “any of,” “any combination of,” “any multiple of,” and/or “any combination of multiples of the items and/or the categories of items, individually or in conjunction with other items and/or other categories of items.
  • the term “set” or“group” is intended to include any number of items, including zero.
  • the term “number” is intended to include any number, including zero.
  • a range includes each individual member.
  • a group having 1-3 cells refers to groups having 1 , 2, or 3 cells.
  • a group having 1-5 cells refers to groups having 1 , 2, 3, 4, or 5 cells, and so forth.
  • a processor in association with software may be used to implement a radio frequency transceiver for use in a wireless transmit receive unit (WTRU), user equipment (UE), terminal, base station, Mobility Management Entity (MME) or Evolved Packet Core (EPC), or any host computer.
  • WTRU wireless transmit receive unit
  • UE user equipment
  • MME Mobility Management Entity
  • EPC Evolved Packet Core
  • the WTRU may be used m conjunction with modules, implemented in hardware and/or software including a Software Defined Radio (SDR), and other components such as a camera, a video camera module, a videophone, a speakerphone, a vibration device, a speaker, a microphone, a television transceiver, a hands free headset, a keyboard, a Bluetooth® module, a frequency modulated (FM) radio unit, a Near Field Communication (NFC) Module, a liquid crystal display (LCD) display unit, an organic light-emitting diode (OLED) display unit, a digital music player, a media player, a video game player module, an Internet browser, and/or any Wireless Local Area Network (WLAN) or Ultra Wide Band (UWB) module.
  • SDR Software Defined Radio
  • other components such as a camera, a video camera module, a videophone, a speakerphone, a vibration device, a speaker, a microphone, a television transceiver, a hands free headset, a
  • non-transitory computer-readable storage media include, but are not limited to, a read only memory (ROM), random access memory (RAM), a register, cache memory, semiconductor memory devices, magnetic media such as internal hard disks and removable disks, magneto-optical media, and optical media such as CD-ROM disks, and digital versatile disks (DVDs).
  • ROM read only memory
  • RAM random access memory
  • register cache memory
  • semiconductor memory devices magnetic media such as internal hard disks and removable disks, magneto-optical media, and optical media such as CD-ROM disks, and digital versatile disks (DVDs).
  • a processor in association with software may be used to implement a radio frequency transceiver for use in a WTRU, UE, terminal, base station, RNC, or any host computer.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
PCT/US2020/024443 2019-03-26 2020-03-24 Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication WO2020198216A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
CN202080030131.8A CN113711567A (zh) 2019-03-26 2020-03-24 用于通过pc5接口进行安全无线电资源控制(rrc)信令以用于单播通信的方法、装置和系统
BR112021019171A BR112021019171A2 (pt) 2019-03-26 2020-03-24 Método implementado por uma primeira unidade de transmissão/recepção sem fio, e, primeira unidade de transmissão/recepção sem fio
US17/441,796 US20220174481A1 (en) 2019-03-26 2020-03-24 Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication
KR1020217030890A KR20210154146A (ko) 2019-03-26 2020-03-24 유니캐스트 통신을 위한 pc5 인터페이스를 통한 보안 라디오 자원 제어(rrc) 시그널링을 위한 방법들, 장치들 및 시스템들
EP20720220.1A EP3949325A1 (en) 2019-03-26 2020-03-24 Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201962824001P 2019-03-26 2019-03-26
US62/824,001 2019-03-26

Publications (1)

Publication Number Publication Date
WO2020198216A1 true WO2020198216A1 (en) 2020-10-01

Family

ID=70296079

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2020/024443 WO2020198216A1 (en) 2019-03-26 2020-03-24 Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication

Country Status (6)

Country Link
US (1) US20220174481A1 (ko)
EP (1) EP3949325A1 (ko)
KR (1) KR20210154146A (ko)
CN (1) CN113711567A (ko)
BR (1) BR112021019171A2 (ko)
WO (1) WO2020198216A1 (ko)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022150542A1 (en) * 2021-01-07 2022-07-14 Idac Holdings, Inc. Change of pc5 link identifiers between the wtru and the layer-2 wtru to wtru relay

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112351431B (zh) * 2019-08-09 2023-06-30 华为技术有限公司 一种安全保护方式确定方法及装置
WO2023245520A1 (zh) * 2022-06-22 2023-12-28 北京小米移动软件有限公司 一种定位服务的直接通信方法及装置

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102149088A (zh) * 2010-02-09 2011-08-10 工业和信息化部电信传输研究所 一种保护移动用户数据完整性的方法
US20160021581A1 (en) * 2013-01-17 2016-01-21 Interdigital Patent Holdings, Inc. Packet data convergence protocol (pdcp) placement
CN105103578A (zh) * 2013-04-05 2015-11-25 交互数字专利控股公司 安全端对端和组通信
WO2017030348A1 (ko) * 2015-08-14 2017-02-23 엘지전자 주식회사 무선 통신 시스템에서 v2x 메시지 송수신 방법 및 이를 위한 장치
US10813149B2 (en) * 2016-01-21 2020-10-20 Lg Electronics Inc. Method for transmitting/receiving V2X message in local network in wireless communication system and apparatus for same
EP3498035B1 (en) * 2016-08-10 2023-12-13 InterDigital Patent Holdings, Inc. Light connectivity and autonomous mobility
US20180083972A1 (en) * 2016-09-20 2018-03-22 Lg Electronics Inc. Method and apparatus for security configuration in wireless communication system
WO2018201506A1 (zh) * 2017-05-05 2018-11-08 华为技术有限公司 一种通信方法及相关装置
CN111417092B (zh) * 2019-01-04 2023-03-24 华硕电脑股份有限公司 支持单个一对一侧链路通信链路车联网服务的方法和设备
EP4066526A4 (en) * 2020-02-17 2023-01-04 Samsung Electronics Co., Ltd. METHOD AND APPARATUS FOR MANAGING SECURITY POLICY IN A V2X COMMUNICATION SYSTEM

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ETSI 3GPP TEAM: "Proximity Based Services (ProSe) - Security Aspects 3GPP TS 33.303 Rel 15", 31 July 2018 (2018-07-31), pages 1 - 90, XP055691387, Retrieved from the Internet <URL:https://www.etsi.org/deliver/etsi_ts/133300_133399/133303/15.00.00_60/ts_133303v150000p.pdf> [retrieved on 20200504] *
QUALCOMM INCORPORATED: "Security establishment procedures for ProSe one-to-one communication", vol. CT WG1, no. Jeju (Korea); 20160215 - 20160219, 6 March 2016 (2016-03-06), XP051075002, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/Meetings_3GPP_SYNC/CT/Docs/> [retrieved on 20160306] *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022150542A1 (en) * 2021-01-07 2022-07-14 Idac Holdings, Inc. Change of pc5 link identifiers between the wtru and the layer-2 wtru to wtru relay

Also Published As

Publication number Publication date
EP3949325A1 (en) 2022-02-09
US20220174481A1 (en) 2022-06-02
KR20210154146A (ko) 2021-12-20
CN113711567A (zh) 2021-11-26
BR112021019171A2 (pt) 2021-12-07

Similar Documents

Publication Publication Date Title
EP3451787A1 (en) Methods and apparatuses for enabling physical layer sharing among multiple wireless communication entities
EP3818738A1 (en) Methods and procedures for the dynamic mac address distribution in ieee 802.11 networks
US20220174481A1 (en) Methods, apparatus and systems for secured radio resource control (rrc) signaling over a pc5 interface for unicast communication
US20220132307A1 (en) Procedures enabling v2x unicast communication over pc5 interface
EP4104476A1 (en) Unmanned aerial vehicle authentication and authorization by unmanned aerial system traffic management over user plane
US20230061284A1 (en) Security and privacy support for direct wireless communications
WO2021092384A1 (en) Methods and apparatus for direct discovery and communication using a wtru to wtru relay
US20230388785A1 (en) Methods, apparatus, and systems for communications security with proximity services relay wtru
US20230224778A1 (en) Methods, apparatuses and systems directed to a change of wtru to wtru relay
WO2022150542A1 (en) Change of pc5 link identifiers between the wtru and the layer-2 wtru to wtru relay
US20240171972A1 (en) End-to-end authentication via a wtru-to-wtru relay
US20240155335A1 (en) Methods and apparatuses for privacy enhancement through mac address masquerading
US20220400362A1 (en) 5g prose service based discovery
US20230071287A1 (en) Methods, apparatus and systems using vehicle-to-everything (v2x) enhancements to support vehicle-to-pedestrian (v2p) communication
WO2024072690A1 (en) METHODS AND APPARATUS FOR PRIVACY HANDLING IN ProSe LAYER-2 UE-TO-NETWORK RELAY OPERATIONS
WO2023014805A1 (en) Methods, apparatus, and systems for enabling indirect-to-direct path switching at layer-3 (l3) user equipment (ue)-to-ue relay
EP4381771A1 (en) Methods, apparatus, and systems for enabling indirect-to-direct path switching at layer-3 (l3) user equipment (ue)-to-ue relay
WO2024026438A1 (en) Method and apparatus for enabling sidelink positioning for location of out-of-coverage wireless transmit/receive units
WO2024044186A1 (en) Roaming wireless transmit/receive unit authorization for edge applications
WO2024015403A1 (en) Authentication methods for sba-enabled devices
WO2024026082A1 (en) Method and apparatus for enabling n3gpp communication between remote wtru and relay wtru
WO2023154367A1 (en) Enhanced cho/cpc between a source and target node

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20720220

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112021019171

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 2020720220

Country of ref document: EP

Effective date: 20211026

ENP Entry into the national phase

Ref document number: 112021019171

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20210924